Name: Insider Threats & People-Centric Approach to Security & Compliance
Start: 2020-02-25T22:30:00Z
End: 2020-02-25T23:00:40.000Z
Location: BrightTALK
Rating: 4

Proofpoint is a leading cybersecurity company that protects organizations' greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, we help companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on us for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web.

Threat actors constantly look for new ways to outwit victims and bypass defences. The past year has been no different. As businesses rolled out new security controls, cyber criminals responded. They added complex techniques like telephone-oriented attack delivery and MFA bypass. Unknown to most users, these techniques gave cyber attackers a new advantage. And with threat actors constantly upping their game, CISOs and Infosec teams had their work cut out. 

Now in its ninth year, our annual State of the Phish report explores end-user security awareness, resilience and risk using survey data from 15 countries. The report benchmarks understanding of common cyber-attacks and defensive tactics. And then it looks at how gaps in knowledge and cyber hygiene enable the real-world attack landscape. Most attacks target people before they target systems. 


Join us for this lively session where our experts will discuss:
• Learnings from the 2022 threat landscape and the report highlights for the Asia-Pacific region
• Common user vulnerabilities such as knowledge gaps and security habit
• How to improve cyber resilience by building and sustaining a security-aware culture at every level

2023 State of the Phish: Asia-Pacific Insights

Cyber-attacks pummelled organisations across the region in 2022. In APAC alone we saw large Australian organisations suffer from major data breaches, SMS phishing attacks in Singapore and even the New Zealand Government compromised by a third-party attack.

Ransomware, nation-state actors, and supply chain vulnerabilities were just some of the multiplying threats observed in APAC, so based on what happened during 2022, what is the cyber outlook for 2023 and what can we do to better prepare and protect ourselves?

Join us for a lively discussion as Proofpoint experts look ahead and offer some thoughts, share proven best practices and provide practical recommendations on how to deal with what we can expect, including:

• The growth and trajectory of Smishing and Vishing 
• What new technologies, including A.I. Chatbots and Deepfake Technology, mean for cybersecurity
• MFA Bypass Attacks and other new avenues for potential breaches
• How attackers are exploiting the Supply Chain, and how to preserve trust in third party partners, channels, and applications

Cyber Outlook 2023: Practical tips for tackling the year ahead

Microsoft Office 365 allows your people to work anywhere, anytime, on any device, but that
freedom creates security issues. Default email and cloud security features in M365 lack the
forensics to accurately identify threats and lack the insights to understand the cyber risks
that people pose to your organisation.
If you are looking for an easy security add-on to reduce risks on Microsoft 365 and
potentially avoid infrastructure changes (such as changing your MX record), then this
webinar is for you.
Topics to be covered will include:
• How you can get visibility into all email and cloud threats targeting your organisation
• How to best block and remediate phishing, BEC, account takeover, supplier attacks
and others that bypass Microsoft's defences
• How businesses have adopted a people-centric security model to communicate and
reduce risk

Effective Ways to Augment Your Microsoft 365 Defence

Join us for our ninth annual State of the Phish webinar for an in-depth look at the latest threat landscape, including rising threats such as MFA phishing, BEC, ransomware and TOAD attacks. Based on an analysis of anonymized data from 135M simulated phishing attacks as well as more than 18M phishing emails reported by our customers’ end users, we will provide insights into common user vulnerabilities such as knowledge gaps and security habits. We’ll also share how you can effectively mitigate these vulnerabilities with best practice security awareness education and controls.  

In this 45-minute session, we will discuss:  
- The 2022 threat landscape – complex attack techniques targeting people  
- User vulnerabilities from multiple angles 
- How organizations are delivering security education and ways to improve program success 
- Security controls that help defend against human-activated threats

AMER - 2023 State of the Phish Webinar

Many organizations that adopt cloud collaboration platforms like Microsoft 365 rely on the native security capabilities provided within them. And the shift away from securing the SMTP email gateway to protecting the cloud email platform often proves that augmenting this built-in protection with solutions like API-enabled email security is a smart decision. But how to do so isn’t always clear. 

In this webinar, you'll learn everything you need to know about supplementing your cloud-based email security to stay ahead of today’s advanced email attacks. 

Join us and guest speaker, former Gartner Senior Director Analyst Mark Harris, as we discuss: 

- Why native security tools like Microsoft Security need additional protection 
- When your organization should consider implementing added security 
- How to take a proactive, layered approach to combat today’s advanced email threats

How to Defend Your Microsoft 365 Cloud Email Infrastructure

The amount of data in your organization is exploding and stored everywhere. Your crown jewels are scattered across data repositories, making it difficult to analyze, manage, label and protect. Legacy data loss prevention (DLP) solutions break in the cloud. Only a limited amount of data can be handled efficiently through traditional, manual approaches. Today’s forward-thinking organizations are deploying new artificial intelligence (AI) data classification tools, to augment and speed the delivery of their DLP strategy. 

Join our 30-minute webinar, the third in a three-part series on defending your data, to learn: 

- How to quickly and accurately discover and classify data in shared repositories with AI classifiers 
- How to augment DLP with actionable insights and recommendations 
- How to auto-generate DLP dictionaries and continuously improve DLP rules across all enterprise channels

Defend Your Data with AI-powered Classification for Efficient Enterprise DLP

Every year, Proofpoint's threat experts examine trends from the prior year and anticipate changes in the threat landscape for the year ahead. For 2023, some of the top concerns include threat actors diversifying their monetization strategy with new attack approaches, the use of compromised identities to launch attacks with elevated privileges and broadening their view with data exfiltration as a business model.

Join Proofpoint’s experts for a 1-hour deep dive into cybersecurity threats to look out for in 2023. You will learn how to prepare and protect your most valuable assets: your people and your data.

We'll cover:

- The evolution of the threat landscape for 2023
- Key actions you can take to prepare your organization 
- Top resources to help support your security efforts

2023 Threat Landscape: What's New in ‘23

Employee turnover has been – and will continue to be - a major driver of insider threats. Yet, the underlying dynamics have shifted significantly during the past year. While late 2021 ushered in a record number of voluntary job resignations, 2022 ended with a surge in layoffs, particularly in the technology sector. With the high volume of employee churn, it’s imperative that organizations prevent the risk of data loss. How can your organization protect its most valuable data from walking out the door with departing employees?   

Join our 30-minute webinar, the second in a three-part series on defending your data, to learn: 

- How employee turnover increases the risk of insider threats 
- Lessons learned from real-life examples of data loss due to departing employees 
- How to gain granular visibility into employee behavior before they leave the organization 
- Best practices and tools to protect data and accelerate insider investigations

Defend Your Data against Insider Threats

Stolen credentials accounted for 40% of all data breaches in 2021, according to 2022 Verizon Data Breach Investigation Report. Attackers pose as your organization’s users and access sensitive data in SaaS and IaaS environments. Legacy data loss prevention (DLP) tools can’t distinguish between legitimate users and attackers who access cloud applications and steal your data. Therefore, it’s imperative to employ an adaptive, modern DLP solution that focuses on people, and not just data.

Join our 30-minute webinar, the first in a three-part series on defending your data, to learn: 

- How visibility across email and cloud environments can improve threat detection 
- How correlating sensitive data manipulation with user behavior can limit threats 
- Tips to tune your DLP program to defend against compromised users and data loss 
- Controls you can put in place today to protect data in the cloud

Defend Your Data Against Cloud Threats

The modern workforce has access to more data across more tools, channels, and devices than ever before, helping increase their efficiency. At the same time, this way of working also creates more risk of data loss, whether unintentional or malicious. Organizations need to balance the protection of sensitive data with employee productivity. So, how can your organization strike the right balance based on your culture and security needs?  

Join our 30-minute webinar and live demo, the first in a two-part series on balancing security with other organizational needs, to learn about:

- Different approaches to balancing security and productivity   
- Pros and cons of each approach
- What to consider when finding the best approach for your organization  
- How prevention policies can be customized for your specific needs

Balancing Security and Productivity

Securing data and ensuring compliance in a hybrid work environment presents many considerations, one of which is employee privacy. With work from anywhere and data everywhere, monitoring of data handling on the endpoint and in the cloud has become a necessity. As organizations seek to protect sensitive data by collecting more signals on user behavior, they must do so without violating employee privacy.

Join our webinar to learn about the importance of maintaining privacy while meeting compliance requirements and security needs.

In this 30-minute session, you will learn about:  

- What constitutes “reasonable” security  
- how can you achieve “privacy by design”  
- How you can augment your privacy and security program with managed services

Balancing Security and Privacy

Microsoft Office 365 allows your people to work anywhere, anytime, on any device, but that freedom creates security issues. Default email and cloud security features in M365 lack the forensics to accurately identify threats and lack the insights to understand the cyber risks that people pose to your organisation.

If you are looking for an easy security add-on to reduce risks on Microsoft 365 and potentially avoid infrastructure changes (such as changing your MX record), then this webinar is for you.

Watch as Jennifer Cheng, Director of Product Marketing for Proofpoint outlines ways that Proofpoint can help you augment your M365 defence. Topics covered include:
 
- How you can get visibility into all email and cloud threats targeting your organisation
- How to best block and remediate phishing, BEC, account takeover, supplier attacks and others that bypass Microsoft's defences
- How businesses have adopted a people-centric security model to communicate and reduce risk

Effective Ways to Augment Your Microsoft 365 Defences

Organizations need proven, innovative technology to inform compliance decisions, manage information risk and improve investigation readiness.  Proofpoint has been a leader in compliance and archiving for many years and can help you stay compliant with our Intelligent Compliance portfolio of products. 

Join this 30-minute webinar for a tour of our Intelligent Compliance solution.  

You will learn:  
- What key compliance challenges organizations face today 
- How purpose-built products provide tangible benefits in long-term information retention, data capture, e-discovery and supervision 
- Why organizations should consider adopting modern compliance technology

Proofpoint Intelligent Compliance

Data protection remains the top concern for most CISOs according to the Voice of the CISO 2022 Report. And organizations use a variety of SaaS, web apps, and IaaS services to serve their customer’s needs more efficiently and profitably.  
Security teams struggle to apply consistent data security policies across cloud environments, let alone implement data loss prevention controls. 

In this panel style webcast, we’ll discuss:

- State of data protection in the cloud
- The challenges of consistent policies across SaaS, IaaS and web apps
- Impact of privacy and compliance on data governance
- Complexity in Cloud Contracts and Privacy Concerns
- Best practices where information and cloud security solutions can aid your programs.

Data Protection in a Multi-Cloud World

In 2022, we’ve seen all sorts of shifts in the cybersecurity world. Nation state attacks, phishing and the growth of AI are only three out of the myriad of trends. In many ways, it’s been an unpredictable year, and security leaders have had to think on their feet to keep up with the wave of change. 

As the year comes to an end, it’s beneficial to evaluate the key trends we’ve experienced in the past 12 months, to truly consider and begin to understand what’s in store for us in the year ahead, and to plan for the unexpected. 

Join us in the final panel of 2022 as we discuss: 
-  Top security predictions for 2023
-  Balancing security and privacy
-  The evolution of the C-Suite 
-  And much more

Top Cybersecurity Predictions for 2023

Through 2022, cyber criminals have continued successfully exploiting the human element to recognize financial gain, leaning heavily on social engineering tactics. This is unlikely to change any time soon. The most sophisticated criminal organizations have evolved to mirror legitimate businesses and as a result have scaled to become more resilient while also recognizing greater profits than ever before. 

Join Daniel Blackford and Selena Larson from Proofpoint’s Threat Research team for a special 45-minute webinar as they discuss key trends and behaviors in social engineering that highlight some common misconceptions people may have about how criminal or state actors engage with them, including:  

- How threat actors may build trust with intended victims by holding extended conversations
- How threat actors expand abuse of effective tactics such as using trusted companies’ services
- How threat actors regularly leverage topical, timely, and socially relevant themes
- How Threat actors leverage orthogonal technologies, such as the telephone, in their attack chain
- How Threat actors know of and make use of existing conversation threads between colleagues

2022 Social Engineering Report: How Threat Actors Hijack Attention

As your organization embraces remote work and migrates to the cloud, the risk of data loss increases. Legacy data loss prevention (DLP) solutions weren’t developed with these new dynamics in mind. In its recently published “Market Guide for Data Loss Prevention,” Gartner® lays out the guiding principles for modern DLP and how DLP is converging with insider risk management.  

Join us as we discuss these principles and demonstrate how we think Proofpoint Enterprise DLP delivers capabilities that deliver on these principles: 

- Cloud-native platform for DLP across email, endpoint, cloud and web  
- Centralized policy manager for DLP detectors and advanced features such as Exact Data Matching and AI-generated dictionaries  
- Content inspection and the ability to recognize and apply sensitivity labels 
- Data classification and data lineage capabilities for visibility, auditing, data controls and more 
- User behavior monitoring and analytics for rich forensics and reporting on insider threats 



*GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Guiding Principles for a Modern DLP Solution

Join Tim Choi and Mayank Choudhary for a conversation about the growing concerns on insider threats and data loss. A new people-centric approach is needed and in this interview session, we will share the suggested approach to this security and compliance problem.

The audience can learn more about:
- What is people-centric security and how does it help organizations view their security and compliance program
- What are insider threats and why cross-functional initiatives between cybersecurity, HR, Legal, Ethics are key in 2020
- How to drive deterrence and change user behavior
- How to prevent data loss at the endpoint in 2020

This video interview will be broadcast LIVE during RSA Conference in San Francisco.

Insider Threats & People-Centric Approach to Security & Compliance

Insider Threat

The Human Element

Compliance

Data Loss Prevention

RSAC

Cyber Security

Security Awareness

Email Security

User Behavior

Enterprise Security

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Insider Threats & People-Centric Approach to Security & Compliance

Presented by

About this talk

More from this channel